HOME
Getting Red Hat 9 to Work With Kerberos
Kerberos RPMs we need
krb5-workstation
krb5-libs
pam_krb5
iptables configuration
Network Ports
ftp 21/tcp # Kerberos ftp and telnet use the
telnet 23/tcp # default ports
kerberos 88/udp kdc # Kerberos V5 KDC
kerberos 88/tcp kdc # Kerberos V5 KDC
klogin 543/tcp # Kerberos authenticated rlogin
kshell 544/tcp cmd # and remote shell
kerberos-adm 749/tcp # Kerberos 5 admin/changepw
kerberos-adm 749/udp # Kerberos 5 admin/changepw
krb5_prop 754/tcp # Kerberos slave propagation
eklogin 2105/tcp # Kerberos auth. & encrypted rlogin
krb524 4444/tcp # Kerberos 5 to 4 ticket translator
Q: Why doesn't dce.buffalo.edu show up in DNS?
A: It's the realm, not a machine.
Notes
KDC is kerb1.acsu.buffalo.edu.
Realm is dce.buffalo.edu
After making changes to /etc/krb5.conf, reboot.
We need to configure PAM so that Kerberos is first and required for
authentication.
Links
MIT Kerberos Page
Frequently
Asked Questions about Kerberos
The
Moron's Guide to Kerberos, Version 1.2.2
How To Kerberize
your site
Kerberos
V5 System Administrator's Guide
Last Modified: July 29, 2003
David T Dudek